Skip to end of metadata
Go to start of metadata
 

Build a Nagios monitoring server using Chef cookbooks available from the Cookbooks Community Site and Hosted Chef.

This Walkthrough Guide assumes you followed the Fast Start Guide and have Chef installed and working with the Hosted Chef platform.

At the end of this guide, you'll have one Ubuntu 12.04 system running Nagios in Amazon EC2.

If you don't already have an account with Amazon AWS, go to Amazon Web Services and click "Sign up". You'll need the access and secret access key credentials from the sign-up later.


We are going to reuse many cookbooks from the Cookbooks Community Site to build the environment. The nagios cookbook is required, of course.  Other required cookbooks are included in the quickstart GIT repository below.

If you do not already have an account with Amazon AWS, go to Amazon Web Services and click "Sign up". You will need the access and secret access key credentials from the sign-up later.

 

 

Guide Based Upon Ubuntu 12.04 on Amazon AWS EC2 with Chef 10.18.

Note: At this time, the steps described above have only been tested on the identified platform(s). Opscode has not researched and does not support alternative steps that may lead to successful completion on other platforms. Platform(s) supported by this guide may change over time, so please do check back for updates. If you'd like to undertake this guide on an alternate platform, you may desire to turn to open source community resources for support assistance.

Get Adobe Flash player

If there are issues with the screencast above, it is also available at blip.tv.

 
 

Environment Setup

First, let's configure the local workstation.

Shell Environment

Obtain the Chef repository used for this guide. It contains all the components required. Use git:

Chef and Knife

If the workstation where you are running Knife is an Ubuntu or Debian system, you will need to install additional development packages before installing knife-ec2:

You'll will need to install the knife-ec2 Ruby gem to launch instances in Amazon EC2:

As part of the Chef Fast Start Guide, you cloned a chef-repo and copied the Knife configuration file (knife.rb), validation certificate (ORGNAME-validator.pem) and user certificate (USERNAME.pem) to ~/chef-repo/.chef/. Copy these files to the new rails-quick-start repository. You can also re-download the Knife configuration file for your organization with the Hosted Chef Management Console.

Add the Amazon AWS credentials to the Knife configuration file.

Add the following two lines to the end:

Once the nagios-quick-start and knife configuration is in place, we'll work from this directory.

Amazon AWS EC2

In addition to the credentials, two additional things need to be configured in the AWS account.

Configure the default security group to allow incoming connections for the following ports.

  • 22 - SSH
  • 80 - Nagios web interface

Add these to the default security group for the account using the AWS Console.

1. Sign into the Amazon AWS Console.
2. Click on the "Amazon EC2" tab at the top.
3. Click on "Security Groups" in the left sidebar of the AWS Console.
4. Select the "Default" group in the main pane.
5. Enter the values shown for each of the ports required.

Create an SSH Key Pair and save the private key in ~/.ssh.

1. In the AWS Console, click on "Key Pairs" in the left sidebar.
2. Click on "Create Keypair" at the top of the main pane.
3. Give the keypair a name like "nagios-quick-start".
4. The keypair will be downloaded automatically by the browser and saved to the default Downloads location.
5. Move the nagios-quick-start.pem file from the default Downloads location to ~/.ssh and change permissions so that only you can read the file. For example,

Acquire Cookbooks

The nagios-quick-start repository has all the cookbooks we need for this guide. They were downloaded along with their dependencies from the cookbooks site using Knife. These are in the cookbooks/ directory.

Upload all the cookbooks to Hosted Chef.

Server Roles

All the required roles have been created in the nagios-quick-start repository. They are in the roles/ directory.

Upload all the roles to Hosted Chef.

Data Bag Item

The nagios-quick-start repository contains a data bag item that has information about a default user that can log into the Nagios web interface, nagiosadmin.

The data bag name is users and the item name is nagiosadmin. Upload this to Hosted Chef.

Launch Single Instance

We are going to use an m1.small instance with the 64 bit Ubuntu 12.04 (Precise) image provided by Canonical. The identifier is ami-43e2772a for the AMI in us-east-1 with instance storage that we will use in this guide. We'll show you the knife ec2 server create sub-command to launch instances.

This command will:

  • Launch a server on EC2.
  • Connect it to Hosted Chef.
  • Configure the system with Chef.

Launch the Nagios monitoring server on a single instance.

Once complete, the instance will be running Nagios.

Verification

Knife will output the fully qualified domain name of the instance when the command completes. You can navigate to the Nagios instance with:

The login is nagiosadmin and the password is nagios.

Adding Service Checks

New service checks can be added easily. Update the services.cfg.erb template. If necessary, update the commands.cfg.erb template for an additional command. Then upload the cookbook.

If the check is for all hosts, use hostgroup_name all.

If the check is for a certain role, such as monitoring, make sure it only gets enabled in the configuration if that role exists. For example:

If the service check doesn't already exist in the commands.cfg.erb, add it.

Upload the Nagios cookbook and run chef on the monitoring node.

Refer to the Nagios Documentation for more information about writing Nagios service check definitions.

Adding NRPE Checks

To add a new NRPE check, create the entry in nrpe.cfg.erb. For example, to add a check for a process named "chef-client":

Then upload the cookbook and run chef on the client systems, and the plugin will be enabled via NRPE.

Refer to the Nagios Documentation for more information about NRPE.

Adding New Plugin Scripts

If you've found a cool Nagios plugin you'd like to use, you can distribute it to nodes with the cookbook files directory.

Then update the commands.cfg.erb for the new command, and enable a service check by adding an entry in services.cfg.erb, per the sections above.

Refer to the Nagios Documentation for more information about Nagios Plugins.

Appendix

Database Passwords

The data bag item for dbapp contains default passwords that should certainly be changed to something stronger.

The passwords in the dbapp Data Bag Item are set to the values show below:

To change the password to something stronger, modify mysql_root, mysql_debian, mysql_repl values. Something like the following secure passwords:

Once the entries are modified, simply load the data bag item from the json file:

Non-EC2 Systems

For people not using Amazon EC2, other Cloud computing providers can be used. Supported by knife and fog as of this revision:

  • Rackspace Cloud

See the Launch Cloud Instances with Knife for more information about using Knife to launch these instance types.

For people not using cloud at all, but have their own infrastructure and hardware, use the Knife Bootstrap knife command. Note that the run-list specification is slightly different. For the first example of the single instance:

See the contextual help for knife bootstrap on the additional options to set for SSH.

A Note about EC2 Instances

We used m1.small instances. This is a low performance instance size in EC2 and just fine for testing. Visit the Amazon AWS documentation to learn more about instance sizes.

 

 
Labels
  • None